<?php
/**
 * @todo Koppel ACL aan database.
 *
 * @category   Ahs
 * @package    Ahs_Acl
 * @author     Olivier Parent
 * @copyright  Copyright (c) 2011 Artevelde University College Ghent
 */
class Ahs_Acl extends Zend_Acl
{

    public function __construct($amf = false)
    {
        $this->addRole(new Zend_Acl_Role('guest' )                 ) // niet-ingelogde gebruiker
             ->addRole(new Zend_Acl_Role('projectmanager'))                  // ingelogde gebruiker
             ->addRole(new Zend_Acl_Role('admin')) // ingelogde beheerder
        ;
        
        if ($amf) {
            $this->_initAmf();
        } else {
            $this->_init();
        }
    }

    private function _init()
    {
        $this->allow('admin') // Geef rol 'admin' toegang tot alle resources met alle privileges
        

             // defaultModule
             ->addResource('defaultModule')
             ->allow(null, 'defaultModule')   // Geef alle rollen toegang tot resource 'defaultModule'

             ->addResource('errorController')
             ->allow(null, 'errorController') // Geef alle rollen toegang tot resource 'errorController'

             ->addResource('indexController')
             ->allow(null, 'indexController') // Geef alle rollen toegang tot resource 'indexController'
             
             ->addResource('projectController')
             ->allow(null, 'projectController')
             ->deny('guest', 'projectController')
                
             ->addResource('userController')
             ->allow(null, 'userController')  // Geef alle rollen toegang tot resource 'userController'
             ->deny( 'guest'  , 'userController') // wordt overgeërfd door member en admin!
             
             ->allow('guest'  , 'userController', array(
                                                    'indexAction',
                                                    'loginAction',
                                                    'registrationAction',
                 
                                                    
                                                    
                                                  ))
             
             ->deny( 'admin' , 'userController', array(
                                                    'loginAction',
                                                    'registrationAction',
                                                    
                                                    
                                                  ))
             ->deny( 'projectmanager' , 'userController', array(
                                                    'loginAction',
                                                    'registrationAction',
                                                    'listAction',
                                                    
                                                  ))
              ->deny( 'admin' , 'projectController', array(
                                                    'listAction',
                                                    
                                                    
                                                  ))
            
             // serviceModule
             ->addResource('serviceModule')
             ->allow(null, 'serviceModule') // Geef alle rollen toegang tot resource 'serviceModule'
             ->addResource('serviceModule.userController')
             ->allow(null, 'serviceModule.userController')
                
             
             
        ;
    }

    private function _initAmf()
    {
//        $this->addResource('Service_UserService', 'Service_ProjectService', 'Service_TaskService', 'Service_ForumService', 'Service_ChatService')
//             ->allow(null, 'Service_UserService', 'Service_ProjectService', 'Service_TaskService', 'Service_ForumService', 'Service_ChatService')
//        ;

        $this->addResource('Service_ProjectService')
             ->allow(null, 'Service_ProjectService')
        ;
        $this->addResource('Service_TaskService')
             ->allow(null, 'Service_TaskService')
        ;
        $this->addResource('Service_UserService')
             ->allow(null, 'Service_UserService')
        ;
        $this->addResource('Service_ForumService')
             ->allow(null, 'Service_ForumService')
        ;
        $this->addResource('Service_ChatService')
             ->allow(null, 'Service_ChatService')
        ;
    }

}
